def facebook_login(request):
# TODO: Add CSRF prevention
login_link = 'https://www.facebook.com/dialog/oauth?' + urllib.urlencode(
{
'client_id': settings.FACEBOOK_APP_ID,
'redirect_uri': get_domain(request) + '/',
'response_type': 'code',
'scope': 'email,user_birthday,friends_birthday',
}
)
return HttpResponseRedirect(login_link)
def process_request(self, request):
oauth_code = request.GET.get('code', '')
redirect_uri = get_domain(request) + '/'
if oauth_code != '':
token_url = self.build_token_url(oauth_code, redirect_uri)
access_token, _ = self.get_access_token_expire(token_url)
# Store access token in session
request.session['facebook_access_token'] = access_token
user_data = self.get_current_user_data(access_token)
if user_data is not None:
if request.user.is_authenticated():
self.unbind_facebook_account(user_data)
self.bind_facebook_account(request.user, user_data)
else:
user = self.facebook_connect(user_data)
instant_login(request, user)
return HttpResponsePermanentRedirect(redirect_uri + '#')